<?php

/**
 * Controller is the customized base controller class.
 * All controller classes for this application should extend from this base class.
 */
class AdminController extends CController {

    /**
     * @var string the default layout for the controller view. Defaults to '//layouts/column1',
     * meaning using a single column layout. See 'protected/views/layouts/column1.php'.
     */
    public $layout = '//layouts/main';

    /**
     * @var array context menu items. This property will be assigned to {@link CMenu::items}.
     */
    public $menu = array();
    public $arr_accessrule = array();
    public $menu_privilege = false;
    public $action_create = 0;
    public $action_update = 0;
    public $action_delete = 0;
    public $action_publish = 0;
    public $action_order_by = 0;
    public $action_activate = 0;
    public $action_process = 0;
    public $action_report = 0;

    /**
     * @var array the breadcrumbs of the current page. The value of this property will
     * be assigned to {@link CBreadcrumbs::links}. Please refer to {@link CBreadcrumbs::links}
     * for more details on how to specify this property.
     */
    public $breadcrumbs = array();

    public function __construct($id, $module = null) {
        parent::__construct($id, $module);

        Yii::app()->theme = Yii::app()->params['config']['theme']['backend']['name'];
        
        if (Yii::app()->user->isGuest) {
            $this->redirect(array('/admin/login'));
        }

        //administrator privilege
        //$active_url = '/' . Yii::app()->controller->uniqueid . '/' . Yii::app()->controller->action->id;
        $server_script_name = str_replace('/index.php', '', $_SERVER['SCRIPT_NAME']);
        $server_request_uri = $_SERVER['REQUEST_URI'];
        $active_url = str_replace($server_script_name, '', $server_request_uri);

        $arr_active_url = explode('/', $active_url);
        $active_module1 = $arr_active_url[1];
        $active_module2 = $arr_active_url[2];
        $active_controller = $arr_active_url[3];

        $sql = "SELECT * FROM site_administrator_menu, site_administrator_privilege
            WHERE administrator_menu_id = administrator_privilege_administrator_menu_id
            AND administrator_menu_is_active = '1'
            AND administrator_privilege_administrator_group_id = '" . Yii::app()->user->administrator_group_id . "'";

        $rs = Yii::app()->db->createCommand($sql)->queryAll();

        $actions_privilege = false;

        //jika level adalah superuser, maka langsung mendapat hak akses semua menu & action
        if (Yii::app()->user->administrator_group_type == 'superuser') {
            $this->menu_privilege = true;

            $this->action_create = '1';
            $this->action_update = '1';
            $this->action_delete = '1';
            $this->action_publish = '1';
            $this->action_order_by = '1';
            $this->action_activate = '1';
            $this->action_process = '1';
            $this->action_report = '1';

            $this->arr_accessrule = array(
                array('allow',
                    'actions' => array('list', 'detail', 'index', 'view', 'create', 'update', 'delete', 'publish', 'order_by', 'activate','unpaid_list','paid_list','reportactivation','updateunpaid','process','tes','migrationactivation', 'download','report', 'print', 'autologin', 'password'),
                    'users' => array('@'),
                ),
            );
        } else {
            foreach ($rs as $row) {
                $arr_menu_link = explode('/', $row['administrator_menu_link']);
                $menu_module1 = $arr_menu_link[1];
                $menu_module2 = $arr_menu_link[2];
                $menu_controller = $arr_menu_link[3];

                if ($active_controller == $menu_controller) {
                    $this->menu_privilege = true;

                    $this->action_create = $row['administrator_privilege_action_create'];
                    $this->action_update = $row['administrator_privilege_action_update'];
                    $this->action_delete = $row['administrator_privilege_action_delete'];
                    $this->action_publish = $row['administrator_privilege_action_publish'];
                    $this->action_order_by = $row['administrator_privilege_action_order_by'];
                    $this->action_activate = $row['administrator_privilege_action_activate'];
                    $this->action_process = $row['administrator_privilege_action_process'];
                    $this->action_report = '1';

                    switch (Yii::app()->controller->action->id) {
                        case "create":
                            if ($row['administrator_privilege_action_create'] == 1)
                                $actions_privilege = true;
                            break;

                        case "update":
                            if ($row['administrator_privilege_action_update'] == 1)
                                $actions_privilege = true;
                            break;

                        case "delete":
                            if ($row['administrator_privilege_action_delete'] == 1)
                                $actions_privilege = true;
                            break;

                        case "publish":
                            if ($row['administrator_privilege_action_publish'] == 1)
                                $actions_privilege = true;
                            break;

                        case "order_by":
                            if ($row['administrator_privilege_action_order_by'] == 1)
                                $actions_privilege = true;
                            break;

                        case "activate":
                            if ($row['administrator_privilege_action_activate'] == 1)
                                $actions_privilege = true;
                            break;

                        case "process":
                            if ($row['administrator_privilege_action_process'] == 1)
                                $actions_privilege = true;
                            break;
                         
                        case "report":
                                $actions_privilege = true;
                            break;
                            
                        default:
                            $actions_privilege = false;
                            break;
                    }
                }
            }

            //jika url sama persis dengan hak akses menu, maka langsung allow
            if ($actions_privilege == true) {
                $this->arr_accessrule = array(
                    array('allow',
                        'users' => array('@'),
                    ),
                );
            } else {
                //jika url tidak sama persis, maka cek hak akses action
                if ($this->menu_privilege == true) {
                    $this->arr_accessrule = array(
                        array('allow',
                            'actions' => array('list', 'detail', 'index', 'view', 'print', 'autologin', 'password'), //default hak akses action jika mempunyai hak akses menu
                            'users' => array('@'),
                        ),
                        array('deny',
                            'users' => array('*'),
                        ),
                    );
                } else {
                    $this->arr_accessrule = array(
                        array('deny',
                        ),
                    );
                }
            }
        }
    }

    public function actions() {
        return array(
            // captcha action renders the CAPTCHA image displayed on the contact page
            'captcha' => array(
                'class' => 'CCaptchaAction',
                'backColor' => 0xFFFFFF,
                'testLimit' => 1,
                'backColor' => 0xFFFFFF,
                'width' => 155,
                'padding' => 1,
            ),
        );
    }

    public function accessRules() {
        parent::accessRules();

        //print_r($this->arr_accessrule);
        return $this->arr_accessrule;
    }

    public function filterAccessControl($filterChain) {
        $rules = $this->accessRules();

        // default deny
        $rules[] = array('deny');

        $filter = new CAccessControlFilter;
        $filter->setRules($rules);
        $filter->filter($filterChain);
    }

}